# ledzr-live.pages.dev — SUSPICIOUS

> ledzr-live.pages.dev poses an elevated phishing threat, with just 1/95 security vendors detecting it. Avoid entering personal data to prevent credential theft.

## Summary
PhishDestroy identifies ledzr-live.pages.dev as an active phishing domain designed to deceive users into disclosing sensitive information. This domain leverages Cloudflare's infrastructure (registered via Cloudflare, Inc.) and a Google Trust Services SSL certificate to appear legitimate, masking its malicious intent. The primary threat involves credential harvesting, where unsuspecting victims may input login details, payment information, or personal data into spoofed login portals or forms hosted on this site. The domain resolves to IP address 172.66.47.151, a Cloudflare-operated server commonly abused for obfuscating phishing operations.  

This domain was flagged by only 1 out of 95 security vendors on VirusTotal, indicating low detection rates despite its active phishing operations. The registrar, Cloudflare, Inc., is not inherently malicious but is frequently exploited by threat actors to rapidly deploy and hide malicious infrastructure. The use of Cloudflare Pages (pages.dev subdomain) adds a veneer of legitimacy, as the platform is widely trusted for legitimate web development. While the specific creation date is undisclosed, the domain's activity status and low detection rate suggest it is a recently deployed or evolving threat, likely targeting users through social engineering tactics such as spoofed emails, fake login pages, or malicious links.  

If you or someone you know has visited ledzr-live.pages.dev, immediately cease any interaction with the site and avoid entering personal or financial information. Check your accounts for unauthorized access, especially those linked to the information you may have submitted. Use a reputable antivirus or anti-phishing tool to scan your device for malware, as phishing domains often distribute malicious payloads. Report the domain to your email provider, browser security tools, or organizations like Google Safe Browsing to help block future access. Proactively monitor financial transactions and consider enabling two-factor authentication (2FA) on critical accounts to mitigate potential credential theft. For further assistance, consult cybersecurity resources or professional IT support to ensure comprehensive protection.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Cloudflare, Inc.
- IP: 172.66.47.151

## Detection Status
- VirusTotal: 1 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/0889410c-e0cd-4612-be5e-0087b6593d32
- PhishDestroy: https://phishdestroy.io/domain/ledzr-live.pages.dev/
- LLM endpoint: https://phishdestroy.io/domain/ledzr-live.pages.dev/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/ledzr-live.pages.dev/
Last updated: 2026-03-21